This invention relates to the field of control of access to services available through computer operating systems. More particularly, the invention relates to control of access to services available through multilevel secure systems wherein a multilevel secure operating system implements mandatory access control and maintains security labels.
In the past, computer operating systems have relied on a plurality of gatekeepers, often called “daemons,” to monitor all requests and to control access to services. These computer operating systems have thereby allowed decentralization of many management functions and related security functions. While often beneficial, such decentralization can jeopardize system security, integrity, and consistency. Complexity of design and implementation and uncoordinated decentralized management can lead to inconsistency and compromises in security.
These inconsistencies in general computer operating systems are of even greater concern in multilevel secure operating systems. Complexity of design and implementation is greater in these multilevel secure operating systems, and decentralized management of security policies leads to potential compromise of information under the protection of these systems. Furthermore, in multilevel secure operating systems, these gatekeepers have provided more than gatekeeping functions: they have maintained session contexts, maintained user security label information, and allowed access to services available at multiple security labels. In multilevel secure operating systems these implementations are often inefficient, leading to high processing overhead. Thus, in multilevel secure operating systems, distributed access management through multiple autonomous gatekeepers controlling access at multiple security labels is a reason for concern.